Dmitry Sokolov recommends UnHackMe!
UnHackMe is a powerful tool against malware. UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!
W32.Mabezat.B!inf also known as PE_MABEZAT.B-1, W32.Mabezat, Win32.Worm.Mabezat.Gen.
Malware Analysis of W32.Mabezat.B!inf – NEW FOLDER(3).EXE
Created files:
%Local Appdata%\Microsoft\CD Burning\autorun.inf
%Local Appdata%\Microsoft\CD Burning\KHATRA.exe
%Local Appdata%\Microsoft\CD Burning\New Folder(3).exe
%Local Appdata%\Microsoft\CD Burning\zPharaoh.exe
%Local Appdata%\Microsoft\FORMS\FRMCACHE.DAT
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\G_Host: ""%WinDir%\System\gHost.exe" /Reproduce"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Xplorer: "%WinDir%\Xplorer.exe"
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: "%SysDir%\KHATRA.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\objracer: "%SysDir%\KHATRA.exe"
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: "%SysDir%\KHATRA.exe"
Detected by UnHackMe:
NEW FOLDER(3).EXE
Default location: %LOCAL APPDATA%\MICROSOFT\CD BURNING\NEW FOLDER(3).EXE
Dropper hash (MD5): 6a1fe95d7b66a3c8cda36502edcd2426
UnHackMe removes malware invisible to your antivirus!
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses a minimum of computer resources.